__________________Infinity Journal "I don't care if this works in practice. I want to see it work in theory!"

- The job of the British Army out here is to kill or capture Communist Terrorists in Malaya.
- If we can double the ratio of kills per contact, we will soon put an end to the shooting in Malaya.Sir Gerald Templer, foreword to the "Conduct of Anti-Terrorist Operations in Malaya," 1958 Edition

There are several ways to do it, but none are 100% effective. I'm using one of the better ones on my own blog which stops about 150-200 spams a day, but I still have to manually delete 2-6 per day.

I've had good success with the following...

1) It's probably not ideal for SWJ, but to reduce my "cyber footprint" for spam searchers, I set my robots.txt file to...

Quote:

User-Agent: *
Disallow: /

I still show up first in any Google search for "Schmedlap" (a common search term, I'm sure!). But, I don't think most people have much luck in searching my site for content (what little there is). Works for me because I don't need the site to generate revenue because my expenses are cheap.

2) My code is written by me. Being an amateur, it is surely convoluted. I have seen strings of literally hundreds of log files where spammers (most likely from foreign countries) clearly were not reading the instructions and couldn't figure out how to post their spam (hint: check the box that says "submit without previewing"!)

3) I only allow a few specific HTML tags. Surprisingly, even after I permitted the anchor tag, most of the spammers tried some other goofy syntax to link to their (DVDs/footwear/porn/malware/etc) and it merely posted as plain text (after they made several go arounds with my convoluted code). They were quickly discouraged and stopped after two spam posts.

Good point on the IP address. The two spam posts that got through were identical, but one was from China and the other from Argentina, so I'm guessing they were masking/impersonating IP addresses.

Thus far, I've had only two spam posts, but many hundreds of attempts. And that's without asking for anyone's email address or requiring anyone to register. I teh rulz!

Late to this thread, and strictly amateur myself, but on the basis of advice from others smarter our system picks up a lot. FYI:

We have a decent long list of denys in .htaccess

Robots.txt is nice but only responsible robots read it

God only knows how much those two deny

1,000+ crap comments a day leak through those two above on the Blog, etc.. Looking at the logs, rarely < 1/min. Most of those are throttled by basic measures before they even get to the junk-o-lator, which then picks up most of the rest. Some of which are ID'd by repeat offender IP. Still a handful of comments need manual intervention.

Things are a lot tighter on SWC, but still some leakers. We are blessed with some very active moderators here in the forums.

Any more serious lock-down winds up locking out responsible users. Like our old foray with TypeKey. We still need to update a lot, but we plod along in a semi-functional way. C'est la e-vie.

Any more serious lock-down winds up locking out responsible users. Like our old foray with TypeKey. We still need to update a lot, but we plod along in a semi-functional way. C'est la e-vie.

Once again you got it one. I'm putting you in for the vBulletin spam sniper award. Multiple levels of captcha's, IP deny tools (I've got one list with 100K spam bot IP's), and much more get pretty much all of it. You've likely hit the perfect balance between user lock out and spam lock out. The difference between usability and security being not such a nice and easy place to find you've all done pretty well. One of the forums I was helping was getting 30 to 40 porn spams a day. We implemented all of the protection measures and stopped it dead. Then the forum owner got sad because his unique user numbers plummeted. He removed all of the protections and the forum content can be found between pictures that suggest gymnastics only possible in science fiction and promotion opportunities that can't and shouldn't be believed.

__________________
Sam LilesSelil BlogDon't forget to duck Secret SquirrelThe scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives. All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.